Design and Security Analysis of a Fragment of Internet of Things Telecommunication System

This paper comprises the development and implementation of systems using the concept of Internet of Things. In terms of active development of industries, use the concept of the Internet of Things, the information security problem is urgent. To create a protected module of information-telecommunication system which implements the Internet of Things concept, it is important to take into account all its aspects. To determine relevant threats, it is necessary to use the detailed risk analysis according to existing GOST standards when choosing protection measures, one must rely on identified relevant threats. Actual threats and necessary protective actions are determined in this paper for implementation of Smart House computer appliance module, in order to develop a protected part of Smart House, which is necessary for realization of room access control. We solved the following tasks in the work, namely, a description of the system Smart Home, a description of steps and evaluation system security Smart Home; implementation of hardware assembly and writing a code for the selected fragment of the system; safety evaluation of the selected fragment Smart House and identification of actual threats; make recommendations to counter current threats; software implementation of one of the most urgent threats and software implementation of protective measures for a selected threat. A feature of the work is an integrated approach to the design with the use of the intruder models, analysis of the system’s assets and evaluation of their security.

1. Morgan S., Internet Trends: 2007, http://www.slideshare.net/rmesquita/morgan-stanley-technology-internet-trends.

2. GOST R ISO/MJeK TO 13335-3-2007. Informacionnaja tehnologija. Metody i sredstva obespechenija bezopasnosti. Chast 3. Metody menedzhmenta bezopasnosti informacionnyh tehnologij, 2007, URL: http://ohranatruda.ru/ot biblio/normativ/data normativ/51/51065.html, (in Russian).

3. Information technology. Security techniques. Part 1. Concepts and models for information and communications technology security management, 2006, http://www.gosthelp.ru/gost/gost271.html, (in Russian).

4. Richardson M., Uolles S., Zavodim Raspberry Pi, Amperka, 2013, 230 с., (in Russian).

5. Lutc M., Programmirovanie na Python, 2, Simvol-Pljus, 2011, 992 с., (in Russian).

6. Abraham D. G., Dolan G. M., Double G. P., “Transaction Security System”, IBM Systems Journal, 30:2 (1991), 230–243.

7. Desnitsky V.A., Chechulin A. A., “Obobshhennaja model narushitelja i verifikacija informacionno- telekommunikacionnyh sistem so vstroennymi ustrojstvami”, Tehnicheskie nauki ot teorii k praktike, 2014, № 39, 7– 21, (in Russian).